CVE-2021-0535 - log back

CVE-2021-0535 edited at 04 Apr 2022 23:03:27
Severity
- Medium
+ High
CVE-2021-0535 edited at 22 Jun 2021 13:04:23
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Privilege escalation
Description
+ In wpas_ctrl_msg_queue_timeout of ctrl_iface_unix.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.
References
+ https://source.android.com/security/bulletin/pixel/2021-06-01
+ https://w1.fi/cgit/hostap/commit/wpa_supplicant/?id=8ca330bd709bf7c000dfda5b1edbc0cbeabb8b55
CVE-2021-0535 created at 22 Jun 2021 13:02:56
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes